How to Access Disaster Recovery, Business Continuity and Continuity of Operations Plan Templates
Table of Contents Introduction... 1 Access to the Templates... 2 1. Login to SharePoint Portal... 2 2. Navigate to Shared Documents... 3 i
Introduction The Office of State Finance and the statewide Cyber Security Focus group have completed a set of templates that can be used to develop or update business continuity and disaster recovery plans. The following is a description of the contents of the package we have compiled. The purpose of this documentation package is to provide all state entities a common source of planning tools to address Business Continuity and Disaster Recovery requirements. Since there are a wide range of differences between agencies, higher education institutions and other state organizations, we have provided three (3) different templates. We have also provided a Tool-kit from the National Association of State Chief Information Officers (NASCIO) that explains the strategic importance and the tactical value of preparing and developing these plans. These documents, including the tool-kit, are designed around checklists that can be used to prepare your plan(s). We recommend that you review the attached tool-kit first to familiarize yourself with the process in general, which can help you select the template that best fits your needs. The templates are designed to be modular and to address the areas of consequence for both business and technology functions. The first template, the Continuity of Operations Plan (COOP), can be used by organizations of all sizes. It is based on an original format provided by the Federal Emergency Management Agency (FEMA) to establish the basic policies, definitions, and assumptions that form the framework for the planning process. The COOP format has been modified to include some of the basic aspects of emergency preparedness, in addition to the original intent of being the overarching plan that combines all aspects of continuity planning. This can make it appealing to smaller organizations and for remote segments of larger organizations. The second template, the Business Continuity plan, focuses on preparing for the recovery of critical business functions and processes, in the absence or loss of the normal office environment (business work areas) and/or the loss of the technology tools and services typically used in daily business operations. It is designed to address any business interruption that renders the facility inoperable or unusable. The purpose of this planning process is to ensure: 1) the safety of employees and visitors; 2) that threats are identified and restricted before they cause damage or disruption; 3) that plans are prepared in advance to allow business functions to continue with the least amount of interruption; and 4) that plans and procedures are documented to provide quick and effective execution of recovery strategies. The third template, the Disaster Recovery plan, focuses on the recovery of technology assets and services required to support critical business functions. This plan is intended to restore the operability of designated systems and applications typically found in a data center facility. The objective of this plan is to protect technology assets and employees and to safeguard vital records. IT is the custodian of information processing assets and must ensure the continued availability of essential services. The goal of this plan is to document the pre-agreed procedures for responding to a disaster involving a partial or total loss of the data center and its services. Page 1
Access to the Templates 1. Login to SharePoint Portal All templates have been stored on the statewide Cyber Security portal; this portal can be accessed by navigating to your entities portal located at: https://www.cybersecurity.ok.gov/entity_name Where entity_name is your agency number followed by an acronym, such as 000testcase. Note: Internet Explorer must be used in order to access this site. This is a requirement of SharePoint and not the Office of State Finance. Once the URL is entered, the user will be prompted to enter their user name and Password. Each state entity has a unique entity_name and password combination associated with their webpage. These were used last year to access and review the results of the 2006 risk assessment results. If you need to verify your login credentials, please contact the OSF Help Desk at helpdesk@osf.ok.gov, 405-521-2444 or 866-521-2444. Page 2
2. Navigate to Shared Documents Once the user has successfully logged on, they can navigate to the statewide portal by clicking on the Up to State of Oklahoma SharePoint Portal in the upper right corner of the page. The user may see get a Security Information window, this window informs the user that there are both secure and non-secure items on the page; Click Yes to display the page. Once you have been directed to the State of Oklahoma SharePoint Portal, you can navigate to the templates by clicking on the Shared Documents link located within the Quick Launch toolbar. Page 3
Click on the Statewide Templates folder, and then click on the Business Continuity and Disaster Recovery folder: Then click on the file you want to open from the list. Depending on the version of Windows and Internet Explorer you are using, you will see a warning message about opening unknown files: Page 4
Click the OK button (above) to proceed. You will get another Security Alert about trusting information from websites with questionable security certificates. Respond Yes to the Do you want to proceed? question. If this is the first file you have opened with an Office product (Word, Excel, etc.), you may be prompted to reenter your logon credentials. After re-authentication, Microsoft Word will open the document selected (in Read Only) mode. If you want to save a copy, please use the File, Save As option in Word to your preferred storage location. You can repeat the steps above for each document you want to review and/or save to a new location. Page 5